CVE-2022-23636

MEDIUM5.9EPSS 0.18%

Miscompilation of constant values in division on AArch64

Published: 7/21/2022Modified: 10/28/2025

Also known as:GHSA-7f6x-jwh5-m9r4 GHSA-88xq-w8cq-xfg7RUSTSEC-2022-0096RUSTSEC-2022-0101

Description

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7f6x-jwh5-m9r4. For more information see the GitHub-hosted security advisory.

Affected packages (5)

crates.io/cranelift-codegenfrom 0, < 0.85.2
crates.io/wasmtimefrom 0, < 0.38.2
crates.io/wasmtime>= 0.34.0, < 0.34.1
crates.io/wasmtime>= 0.0.0-0, < 0.33.1, >= 0.34.0, < 0.34.1
crates.io/wasmtime>= 0.0.0-0, < 0.38.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References (10)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-23636
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-31169
PATCHhttps://crates.io/crates/wasmtime
PATCHhttps://github.com/bytecodealliance/wasmtime
WEBhttps://github.com/bytecodealliance/wasmtime/commit/2ba4bce5cc719e5a74e571a534424614e62ecc41
WEBhttps://github.com/bytecodealliance/wasmtime/commit/886ecc562040bef61faf19438c22285c2d62403a
WEBhttps://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7f6x-jwh5-m9r4
WEBhttps://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-88xq-w8cq-xfg7
WEBhttps://rustsec.org/advisories/RUSTSEC-2022-0096.html
WEBhttps://rustsec.org/advisories/RUSTSEC-2022-0101.html